⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
Mar 10, 2025Ravie LakshmananCybersecurity / Newsletter
Cyber threats today don't just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new...
U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website
Mar 07, 2025Ravie LakshmananCryptocurrency / Ransomware
A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex ("garantexorg"), nearly three years after the service...
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations
Mar 07, 2025Ravie Lakshmanan
Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker...
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
Mar 06, 2025Ravie LakshmananThreat Intelligence / Vulnerability
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated...
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
Mar 06, 2025Ravie LakshmananMalware / Ransomware
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working...
Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers
Mar 04, 2025Ravie LakshmananNetwork Security / Ransomware
Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign...
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Mar 04, 2025Ravie LakshmananCybercrime / Threat Intelligence
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining...
The New Ransomware Groups Shaking Up 2025
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023.
After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of...
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
Mar 03, 2025Ravie LakshmananRansomware / Vulnerability
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary...
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It's like having your office computer with...
